SIT763 Information Security Management Assessment

SIT763 Information Security Management Assessment

SIT763 Information Security Management Assessment

Introduction

The modern Healthcare organizations are affected with many vital factors brings about changes in the method of conducting the activities and dealing with the patients. The priority of considering these factors are gaining relevance in the current world where there are number of health care centers existing to provide with high quality services to the patients. The most vital element that a health care organization has to consider is the high quality service offered to the patients. This factor has a high impact on the health of the patients which can be improved with the good care of the patients by all the staffs in the health care unit to ensure safety and quality services to the patients. The relevance of technology and its applications in the modern healthcare firms are inevitable. Here comes in to the picture the importance of Public Cloud Computing that helps in the storage and communicating the relevant information to the patients in an quicker and easier manner. The cloud computing services can be availed from various vendors wherein an effective access of servers, storage and networks is ensured whenever the need for them arises. This essay describes about the feasibility and utility of the PCC in the healthcare firms along with the focus on its benefits and the risks associated with it for applying the healthcare industry (Subashini, S., & Kavitha, V, 2011).

SIT763 Information Security Management Assessment, INFORMATION SECURITY, online assignment help

Factors affecting modern Health care organizations

The modern Healthcare organizations are affected with many vital factors brings about changes in the method of conducting the activities and dealing with the patients. The priority of considering these factors are gaining relevance in the current world where there are number of health care centers existing to provide with high quality services to the patients. The most vital element that a healthcare organization has to consider is the high quality service offered to the patients. This factor has a high impact on the health of the patients which can be improved with the good care of the patients by all the staffs in the health care unit to ensure safety and quality services to the patients. When it comes to a proper and efficient health care, these below factors impacting its functioning, are to be given importance for the healthcare units to reach their motto of quality services and safety environment (Marston, S., Li, Z., Bandyopadhyay, S., Zhang, J., & Ghalsasi, A, 2011). They are as below:

  • Patient’s Safety:Health care organizations are concerned with the curing of health related problems of the patients. This industry is one of the most delicate one and is emotions linked. Hence, utmost care has to be taken to ensure complete safety of patients. The reputation and goodwill of these organizations is an important factor for the patients to decide whether to approach these units. When there was any incidence proving unsafe environment in a health care organization, the patient flow to such units will be less. This is possible by providing a safer and comfortable environment in the health care units for its patients. Equipped with all the required staffs who give individual care to the patients is an essential factor to be considered by health care units for more patients’ inflow.
  • Proven track record: The quality of services offered by healthcare organizations has a huge impact on the success and patient ration of the modern healthcare organizations. It is often seen that people always check about the previous achievements and the level of quality in services, and the efficiency of the health care unit to cure the health issues of the patients. This is mainly due to the availability of a large number of healthcare units giving the patients more number of choices. IT is easier for a health care organization to get chosen by the patients when it has a proven track record of curing the acute illness. This proves the efficiency of the healthcare unit which gives an impression in the minds of the patients that this is the best place where they will get the complete cure for their illness. Though it takes a lot of time to create this impression in the patients, this aspect will increase the number of patients accessing the modern healthcare units.
  • Information Technology:The prominence of information technology is at high degree in any organizations as a result of globalization. Information technology and innovative equipments are very much needed and helpful in the health care organizations as well. Healthcare organizations with modern innovative equipments can easily cure even the chronic diseases of the patients. Thus, patients will always prefer reaching such healthcare units which has high tech equipments. This ensures them a fast relief from the illness. Also, with the existence of the updated and innovative software, more efficiency in the management of all the functions in the healthcare organizations is possible. There will be fewer errors which will otherwise occur when transactions in between the departments are done manually Baun, C, 2011).

Public Cloud Computing (PCC)

Public Cloud Computing (PCC) is a model based on the standard computing model which helps the service provider to communicate the resources of the firm like applications and storage to the general public through internet. The services of the public cloud computing will be offered freely or on a payment basis, which is purely decided by the organizations offering the same. The use of PCC is beneficial for the organizations in many ways.  Some of the well known public clouds computing models used by firms are Amazon Elastic Compute Cloud (EC2), IBM's Blue Cloud, Sun Cloud, Google App Engine and Windows Azure Services Platform (Schweitzer, E. J, 2012).

Feasibility of using public cloud computing in the healthcare sector

Health care organizations have to come up with good organizational models. This is possible with the effective utilization of all its capacities in all departments and with a good leadership factors. The entire department in the healthcare units should be interconnected and communication between them should be transparent and clear and the relevant data of all the departments of healthcare organizations are to be stored efficiently for the proper functioning of the organization. This ensures a better functioning of the organization and is an instance of a good organizational model. This helps in achieving the ultimate goals in a better way. By implementing the same, the healthcare organization can ensure quality in service delivery and better cure of illness.

The success of the healthcare organizations will be increased by its capacity to resolve the challenges that come its way. There can be challenges in inefficiencies in the correct storage of data and information, especially when it has branches international level. When the challenges are analyzed and faced successful, the healthcare units will be able to deliver its services effectively so that the patients will be relieved from the illness with a better cure. When there was a black mark for the healthcare unit as a result of mistakes in the treatment, this is also considered as a challenge in their functioning. This has been eliminated with more effort resulting in the quality deliverables so that the challenges can be eliminated. Hence, it will not affect the further functioning of the health care organization (Hurwitz, J., Bloor, R., Kaufman, M., & Halper, F, 2009). 

Here comes the role of the Public Cloud Computing and its impact in the healthcare firms. The need for PCC is in a high degree especially in the healthcare industry, especially where a large number of new cases will occur which requires intensive usage and storage of data and information. This helps the doctors, physicians and office staffs to communicate the required information to the patients through internet. This ensures quick accessibility of the information to the patients which help the patients in following the required actions appropriately so as to ensure an easier cure of their health issues.

Utility of public cloud computing (PCC)

In the current scenario where everything is computerized and the use of technology is a prominent factor in every organization, even many healthcare organizations also started with the use of Public Cloud Computing for enhancing the efficiency of the operations of their business. The implementation of PCC in healthcare firms also helps in the provision of a better patient care with the help of the automated system and easy access of data and information. Some of the PCC features that help in the effective running of the healthcare organizations are as below:

Electronic Medical Records (EMR)

EMRare now widely used in majority of the healthcare firms like hospitals and clinics. EMR helps in the reduction in the time required to implement the same. The initial costs of setting up this software are much lower compared to the other applications. These are especially suitable for smaller healthcare firms or clinics. The usage of the same will also ensure better scalability and the over provisioning of the equipment which otherwise required in the initial stage can be avoided.  The healthcare firms can also ensure that less time and effort is required to analyse any issue related to the illness of the patients and their records. The time needed for testing and implementing the tests are comparatively lesser. A better control of the overall costs of the healthcare firms can be controlled with help of EMR.

Office Productivity

With the application of cloud-based solution, the healthcare firms ensure more safety and security in its operations with quickness in the operational capacity.  One of such most efficient cloud based solution is Office 365 which adds value to healthcare firms of all sizes. The smaller organizations receives a major benefit out of its use which otherwise will have to install license and manage it locally. With the help of the PCC, the productivity of the office and among the hospital staffs can be increased as this is an effective means of communication, which delivers a clear and transparent communication of data and information among all departments of the healthcare firms. Such effectiveness in communication may not be fulfilled through emails, audio conferencing, instant messages, and telephones and so on. Thereby, the overall functioning of the healthcare organizations can be increased and carried out in a smooth way.

Health Information Exchange (HIE)

A proper exchange of information between the staff’s surgeons, physicians etc of different department in the healthcare firms are essential for the proper resolution of the patients’ ailments and health problems. The more easiness in sharing such relevant information ensures faster relief or resolutions to the issues. This is possible using the Health Information Exchange (HIE). This not only enables clarity and better understanding of the information passed, but also the correct treatment is provided to the patients. That leads to increased satisfaction levels of the patients and also leads to a better corporation among the various staffs in the healthcare firms.

Physician Collaboration Solutions (PCS)

This is one of the most innovate technologies used in PCC which enables the physicians to approach to the patients individually in to his room through video conferencing. With the existence of this technology, the patients are supposed to get instant access to the physicians even though they are located in the remote areas, which are out of reach to good healthcare firms. Application of this facility in a healthcare organization would increase the visits of the patients in the such healthcare units and their reliability towards the healthcare units will be increased as a result o f more comfortable approach to the physicians by the patients.

Clinical Information Systems (CIS)

With an increased number of patients approaching to the healthcare units daily for consulting specialized physicians. There will be more patients’ data to be stored and it has to be quickly managed. Along the proper management, security measures are also to be applied so that there is no leakage or missing of the relevant patients’ data and the elimination of errors. With the support of Clinical Information Systems, the physician can schedule the various tests to be conducted; a fast access to the test results can be done. They are even able to send the prescription details directly to the pharmacy. Through CIS, the management of the even the critical data is possible which are collected from the specialists and doctors in an efficient manner so that the further chaos in the double entry or omissions in the data can be avoided.

By implementing these solutions in the PCC, the healthcare firms can increase its operational efficiency and carry out a proper management of its activities by ensuring proper care and attention to the patients. This will in turn leads to the success and growth of the healthcare firms in a long run without the need for a big investment in the application of these systems.

Risks of migration to PCC

Even through application of PCC is a cost effective and a great support for the healthcare firms, there are certain risks that these firms may face while migrating its operations to PCC. Some of them are as below (Barua, M., Liang, X., Lu, R., & Shen, X, 2011):

Environmental insecurity

There are several security risks for using PCC in the healthcare industry.  The access to the data stored may not restrict to only authenticate users if there is no password protection or proper security implemented in the same. This leads to more risks in accessing the data stored by unauthorized users in which the confidential details related to the patients or such information will be accessed by fraud and the data can be prone to many security attacks like brute force attacks, malware and other attacks. If proper security measures are not applied, there are even chances of missing of the relevant patients’ data or other clinical information. This will lead to greater risks such as wrong prescription for the health issues of the patients, leading to bad reputation of the healthcare firm.

Data privacy and security

When the confidential data are hosted with the providers of the cloud services, there is a large involvement of a major control of data security transferred to the cloud service providers. In such scenarios, it is possible for leakage of the private data to the cloud provider. Hence, it is essential to make sure that the respective vendor has a good understanding of the data privacy and security. The knowledge of the data privacy and security rules and regulations by the provider are to be ensured, such as HIPAA, the Payment Card Industry Data Security Standard (DCI DSS), the Federal Information Security Management Act of 2002 (FISMA) and so on.

Data availability and business continuity

One of the main aspects in a healthcare firm is the availability of all the data all the time so that there are no obstacles in accessing the data even at the time of any emergency situations or after the business hours. A proper availability of the data enables the smoothing running and continuity of the business activities in the healthcare organizations. Cloud computing is an internet based system and hence the risk involved in losing the internet connections and inability to access the need information at the appropriate time will not be possible. This affects the overall functioning of the business activities in a negative manner, especially for a healthcare organization, where the need for the availability of data all the time is of higher degree as it is concerned with the risk of health issues of the patients. When the data hosting server is seized, there are chances that all the data stored in the system will be interrupted by unrelated services. This paves ways to the unsuccessful operations of the healthcare organizations. This leads to even bad reputation of the company as there are chances of occurrences of adverse health issues due to the delays in getting the treatment as a result of data crashes or server issues (Carlin, S., & Curran, K, 2011).

Record retention requirements

In a health care firm, the retention of the records are usual as the patients may return for the further treatments, especially in the cases of serious ailments where periodical checkups are required for the same patients. In such scenarios, the retention of a patient history and records are necessary. It is to be ensured that the cloud provider has a complete knowledge of a record retention. If this factor us not considered by the cloud provider, it will have a serious impact in the conduct of the functions in the healthcare firm and also adversely affects the cure of the patients’ health issues at the right time and in the right way. This affects the brand image of the healthcare firm and walk away of a major percent of the patients from the hospitals or clinics. Moreover, the physicians will also find it difficult to make correct prescriptions without the proper flow of the record of the patients’ illness.

No Disaster recovery

It is essential to keep the disaster recovery for cloud computing. If there is no provision of disaster recovery in cloud computing, all the stored data will be lost and these data cannot be recovered. This has a huge impact on the business continuity and in the cure of the patients’ health issues.

Benefits of PCC in Healthcare Sector

With the implementation of PPC, the benefits of it are multifold. A few of them are listed below:

Capacity to handle high volume of work

PPC is such an online data storage and application system that helps in the storage of high volume of work. In an healthcare firm, there will be large volume of data and information related to the patients and other clinical information. There will be a need for the proper storage of these data in a confidential manner. The implementation of PPC will help in storage of a large volume of data with high level of security. There will be a high volume of data on a daily basis which are to be properly classified and stored so as to enable no confusions and chaos in the data storage. With a proper record of the data, the physicians and the staffs to access the required data in the right time so that the delays in the treatment or tests can be eliminated leading to the smooth running of the business activities.

Low Capital Costs

By using the cloud computing, the healthcare firms are able to provide unique services to the patients and other visitors to the hospital. They can ensure more quality services, which brings in positive changes in the goodwill and business functioning of the firms. By using the cloud computing, the firms can use large amount of computing resources. This helps the firms the high volume of service demands that enhances the efficiency of the business operation. While the cost incurred is not limited to the capacity utilized. By this, the overall costs of the healthcare firms can be reduced. This helps in increasing the profit margins of the business and thereby an easier achievement of the business goals (Zhang, R., & Liu, L, 2010, July).

Low IT operating costs

It is possible for the healthcare organizations to rent more service space for a particular time period when compared to maintaining the proprietary servers. There has to be no worry about the up gradation of the resources whenever there is any introduction of new applications. Hosting of virtual IT infrastructure is possible through cloud computing by offering lower cost.

No hardware or software installation or maintenance

For the application of the cloud computing, there is no requirement of the hardware or software installation or maintenance. Thus the implementation of PCC is an easier task. The same applies to the cost incurred for the same as there will be lower cost compared to the installation of other systems and applications. The maintenance cost will also be not required to be incurred by the healthcare firms with the application of PCC.

Quick Access

A healthcare firm is one of the busiest type of organization, wherein there is a high need for the accessing the data at the right time. Especially,  at the time of emergency health issues or operations. There may be circumstances where the proper and relevant data are inaccessible at the needed time, which may be lead to issues in the healthcare firms among the staffs or with the patients. Such issues and chaos can be avoided with the application of PCC, where the quick access of the relevant data is possible. This ensure effective running of the business and in the business continuity.

Conclusion

While concluding, it is understood that the healthcare organization and its role in the human life is of utmost prominence. It is due to this factor, such units have to analyze the factors affecting their functioning. By a proper analysis, the healthcare units will come to know where they are lacking in the service design and in the delivery of the services. After a proper analysis of these factors, they are supposed to design the service levels in such an away in order to ensure a correct and premium service offered to the patients. This attracts more patients to the health care units and they will get a better cure. In this essay, it is discussed that PCC plays a vital role in the success and growth of healthcare industry, wherein the firms can access to the stored data and applications in a quick manner whenever necessary. This is also a major factor in delivering services to the patients as well. The essay also says about the different systems used in PCC like EMR, CIS, PCS, HIE etc for a better efficiency of the business operations. A health care organization with a good organizational model, quality services, devoted staffs and better management of all functions will be a great help to the society as a whole (Zissis, D., & Lekkas, D, 2012).

References

  • Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), 1-11.
  • Marston, S., Li, Z., Bandyopadhyay, S., Zhang, J., & Ghalsasi, A. (2011). Cloud computing—The business perspective. Decision Support Systems, 51(1), 176-189.
  • Zhang, R., & Liu, L. (2010, July). Security models and requirements for healthcare application clouds. In Cloud Computing (CLOUD), 2010 IEEE 3rd International Conference on (pp. 268-275). IEEE.
  • Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues.Future Generation Computer Systems, 28(3), 583-592.
  • Barua, M., Liang, X., Lu, R., & Shen, X. (2011). ESPAC: Enabling Security and Patient-centric Access Control for eHealth in cloud computing. International Journal of Security and Networks, 6(2), 67-76.
  • Carlin, S., & Curran, K. (2011). Cloud computing security. International Journal of Ambient Computing and Intelligence (IJACI), 3(1), 14-19.
  • Schweitzer, E. J. (2012). Reconciliation of the cloud computing model with US federal electronic health record regulations. Journal of the American Medical Informatics Association, 19(2), 161-165.
  • Baun, C. (2011). Cloud computing: Web-based dynamic IT services. Springer.
  • Hurwitz, J., Bloor, R., Kaufman, M., & Halper, F. (2009). Cloud computing for dummies (Vol. 1). John Wiley & Sons.